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2014: Good Old Days of Compliance 


Probability of 


Compliance Drift 
Manual Audit 
Sampling Methods ju Six Months Audit Schedule is 
MEME: а Probability that system configurations have ____ 02 
deviated from expectations or documentation 
Software Assisted 
Automated Audits 
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Weekly Audit Schedule 
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2020: Security is Continuous and Unified 


To reduce the ‘attack 


Intellig 
surface' 


Continuous 
& Unifie 


To reduce breaches due to "pi ees 
| : | onito 

misconfigurations, lack of 

monitoring | 

Vulnerab 

Question remains: 

How to make Compliance 

and Risk continuous? 
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Semi-automated Way 
for Connecting is old! 
Time to value 

Time to see roll up the operational data 


Varied types of Security and Assets data 
FIM, Patch, Malware, VM, threats 
Scoping and Tracking Assets 


Point solutions injecting data with 
connectors, never normalize 


Evolution 


с, 
OMPLIANCE 
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Connect Security with Compliance and Risk 


Password Management (A): Procedures for creating. 
changing, and safeguarding passwords. 


CIP-007-5 Table R5 — System Access Control 


Applicable Systems Requirements 

High Impact BES Cyber Systems and | For passWord-only authentication for 

their associated: interactive user access, either technically 

1. EACMS; or procedurally enforce the following 

2. PACS; and password parameters: 

3. PCA 5.5.1. Password length that is, at least, 
the lesser of eight characters or 
the maximum length supported by 

Medium Impact BES Cyber Systems the Cyber Asset; and 

and their associated: 5.2. Minimum password complexity 

1. EACMS; that is the lesser of three or more 
2. PACS; and different types of characters (e.g., 

3. PCA uppercase alphabetic, lowercase 

alphabetic, numeric, non- 

alphanumeric) or the maximum 
complexity supported by the Cyber 


CSC 16-3 | Ensure that systems automatically create a report that 
includes a list of lockec-out accounts, disabled accounts, 
accounts with passwords that exceed the maximum 

age, and accounts with passwords that never 
expire. This list should be sent to the associated system 
administrator in a secure fashion. 


Inventory Your Systems 


Inventory and Restrict 
Software 

Secure Configurations 
and Data Security 
Continuous VM 


Review Access Rights 


oo 
coco 


Continuous Compliance & Risk From 
Continuous Security 


Qualys Unified Compliance 
& Risk 


Map security to compliance 


+ + Qualys Platform for unified 
and continuous security 


Integrated Security Platform 
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HOME DASHBOARD ASSESSMENT REPORTS CONFIGURATION 


be 
© 
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e e Assessment 
C O n tl n u O u S RI S k a n Mandate.name like $Fedramp Mod% Last 30 days 


TOTAL CONTROL OBJECTIVE FAILED CONTROL OBJECTIVE TOTAL CONTROLS EVALUATED 


Compliance 325 58 m 
rom Continuous ces mm a 


POSTURE EVALUATION 


FAILED CONTROL EVALUATIONS 


26K 


MANDATE ID OBJECTIVE OBJECTS STATUS PASS FAIL ASGNT.STATUS CRITICALITY 
ө 

c C | | r | t O ows Authenticator management 1992 ШЕШШ [Г |55 ] = 
C] 14-5 (1) Password -Ваѕеа Authentication 1308 (Assets) Fail 1011 297 | - ш 

-] Datacenter Assets 1134 (Assets) ШЕШ o | >> | NA 
cio CONTROL NAME OBJECTS POSTURE EVALUATION CRITICALITY 
1071 Status of minimum password strength 1058 (Assets) Fail Unassigned 
Q U a | S | | n ifi e d Co | | а n С е 10459 Status of required special characters 824 (Assets) Fail $34 :» | Unassigned 708 

у р SaaS Objects 1(Connector) Pass 1 a - NA 

І 

| | ld p S eve ry d p p S O u p u CID CONTROL NAME OBJECTS POSTURE EVALUATION CRITICALITY 
Е 60032 GSUITE Admin Strong Password Policy... 1 (Connectors) Pass o | Resolved | Critical | 

to 2 5 + ( O | | \ D | | a n (5 e sta n d a rd S i 61011 Microsoft365 AD Password Policy Enforce... 1 (Connectors) Pass 1 o Resolved Critical 


a n d Ri S k О bj e ctive S Mobile Devices 170 (Assets) EN (Oe 1 - M 


cio CONTROL NAME OBJECTS POSTURE EVALUATION CRITICALITY 
O 89 Mobile phone passcode length 170 (Assets) Fail 10 70 in Progress ШШ 
[] Public Cloud Services 3 (Connectors) Pass 3 a - NA 
cid CONTROL NAME OBJECTS POSTURE EVALUATION CRITICALITY 
1 6 Ensure that AWS IAM password policy is.. 3 (Connectors) Pass 3 o | NA 


шош 
7 Ensure IAM password policy requires at... 3 (Connectors) Pass з [о ] МА 
ушул. 


New-age Challenges: Teams Speaking 
Different Languages 


ө JCE 
Elastic, Kafka, custom Identify risk and Secure hosts, config/integrity/ 
web servers compliance vulnerability management 


Security & Compliance teams should be running with DevOps from the start 
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Start Compliant, Stay Compliant in 
h Qualys PC in 


DevOps wi 


Jenkins aws-golden-ami-pipeline 


Pipeline aws-golden-ami-pipeline 


дё? Recent Changes 


Stage View > 


Launch а 
Centos Launch VM 
instance with &PC 
s Scan on 
the Source instance 
AMI 
73ms 10min 44s 


єз 
Моу 01 o 
1557 

© 
Nov 01 © 


QUALYS POLICY COMPLIENCE RESULTS 


Show | 10 $ entries 


CI Phase 


CID Title Technology Criticality 
14602 Status of the 'nosuid' option for '/tmp' partition using 'mount' command CentOS 7 4 
10804 Status of the SELinux current mode (running configuration) CentOS 7 4 
10643 Status of iptables package CentOS 7 4 
12815 List of runtime audit rules for '/etc/passwd' file, using auditctl CentOS 7 4 
10664 Status of the 'OPTIONS' setting within '/etc/sysconfig/chronyd' file CentOS 7 4 
9473 Existence of the 'extraneous' files and directories (Sensitive files/Directori Tomcat 8 3 

es) 
9477 Status of 'X-Powered-By' setting within 'server.xml' file Tomcat 8 4 
9551 Status of the 'secure' attribute for each 'Connector' elements whose 'SSL Tomcat 8 4 
Enabled' are set to 'true' 

9605 Status of the command-line flag 'STRICT SERVLET COMPLIANCE' set CentOS 7 4 
for the Tomcat process 

9565 Status of the 'web server processes' which are not started with 'Security CentOS 7 4 


Manager' 


Qualys FIM Monitors From CD Phase 


c —À p 


FIM: Create 
and apply 
FIM: Apply OS application 
Embed Qualys VM PC Base Profile specific 
Cloud Agent profile 
59ms 60ms 60ms 60ms 60ms 


59ms 10min 10min 10min 10min 
failed failed | failed failed failed 

59ms 63ms 63ms 63ms 63ms 
failed failed failed failed failed 
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Automatically Discover and Assess 
Middleware with Dynamic Paths 


* Apache Tomcat 8.x 


Just based on host scans, ^ 1. ApacheTomcatControls mM 
d | © @ ove r u n a u t h O r | Z а d * (1.1) 9505 Status of the 'permissions' within 'SCATALINA HOME/webapps' directory 
t ec h no | О g | es i » 1. Apache TC 8::/optlapache-tomcat-8.0.18/apache-tomcat-8.0.18 Status: 


web servers, 


> 2. Apache TC 8::/opt(apache-tomcat-8.5.20 


F > 3. Apache TC 8::/opt/apache-tomcat-8.5.20/apache-tomcat Status: 
d ata b a S e S a u to m at | C a | | у > 4. Apache TC 8::/opt(apache-tomcat-3.5.20/apache-tomcat1 Status: 
" (1.2) 9602 Status of the 'manager application (webapps/manager)' setting 
> 1. Apache TC 8::/opt/apache-tomcat-8.5.20/apache-tomcat1 Status: 
A n d > 2. Apache TC 8::/opt/apache-tomcat-8.0.18/apache-tomcat-8.0.18 Status: 
n > 3. Apache TC 8::/opt(apache-tomcat-8.5.20/apache-tomcat Status: 


i h e re's n O n (= е d to > 4. Apache TC 8::/opt/apache-tomcat-8.5.20 Status: 55 
C r E а t e a ut h (= n ti C a ti O n > (1.3) 9603 Status of the manager application (manager.xml)' setting 


re С О rd S > (1.4) 9606 Status of the command-line flag 'RECYCLE FACADES' set for the Tomcat process 
> (1.5) 9610 Status of the 'connectionTimeout' value within 'Connector' element in 'server xml fil. 


SERIOUS 
> (1.6) 9611 Status of the 'maxHttpHeaderSize' value within 'Connector' element in 'server.xm' fil 


CISO Responsibility: Ensure Security Controls 


are in Place and Functioning 
https://www.bitsight.com/blog/ciso-roles-and-responsibilities 


Is Anti-virus active, updated for signatures, scanning? 
Is FIM, EDR agent configured correctly to monitor? 
Are OS native application protection, memory protection configured? 


Need to have Security Control Validation (SCV) in place to test and 
confirm that security tools have their pre-requisites in place and are 
configured properly on all endpoints 
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Security Control Validation from Policy 


ompliance 


Anti-Virus technologies | Qualys FIM Agent | Splunk | Kafka | Native Malware 


Protection 


91 


Total Control instances 


CATEGORY 
Anti-Virus/Malwa... 


CRITICALITY 


MEDIUM 
SERIOUS 
CRITICAL 
URGENT 


POSTURE 
PASS 
ERROR 
FAIL 


51 


18 
26 


41 


pc.policy.name:"Qualys Security windows" and pc.control.category:"Anti-Virus/Malware" 


Nov 13,2019 


* 


Nov 13,2019 


v 


Nov 13 , 2019 


* 


Nov 13,2019 


+ 


Моу 13,2019 


12364 


12364 


13738 


13738 


Status of the 'CommunicationStatus' (Last time st 


Status of the 'CommunicationStatus' (Last time st 


Status of the Symantec 'last Virus scan time' oldei 


Status of the Symantec ‘last Virus scan time’ oldei 


Qualys Policy for Security Control Validation on Windows Platform 


Ld 


Nov 13,2019 


13738 


Status of the Symantec 'last Virus scan time' oldei 


os 


Windows 10 
os 


Windows Server 2012 R2 
os 


Windows 2008 Server 
os 


Windows 10 
os 


Windows 10 
os 


1-50 of 51 


10.10.36.125 | COMDEV 


comqaw10es 
10.10.36.126 | COMQAV 


i-6f91d2a8 
10.11.114.112| I-6F91D 


com-2k8-32-87 
10.10.32.87 | COM-2K8- 


comdevw10es 
10.10.36.125 | COMDEV 


comqaw10es 
10.10.36.126 | COMQAV 


4 


Моу 13,2019 


Моу 13,2019 


Моу 13,2019 


Моу 13,2019 


Моу 13,2019 
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Start Go 


Policy Compliance 


Id, Continuously Assess, Remediate 


DASHBOARD 


POLICIES SCANS REPORTS EXCEPTIONS ASSETS USERS 20 


Reports 


ГА 


Total Controls 


LABELS 
Qualys 


TAGS 
1 USproduction 


Reports Schedules 


CONTROL COMPLIANCE 


€ Failing 


72 


Display: | Unified | Control 


Policy Summary 


Control View Templates Setup 


Policy.name like ‘%RDP%’ and asset.tagName-'USproduction' and control.status-'failed' Last 24 Hrs M = 
Asset | 
Policy.name like '% RDP%' TRENDING 


Mn 100% " 


 -— À— nn а 
06 0 


Jan 01 TODAY 


Actions + | | Group by... ¥ | 1-50 of 75 


72 Create Remediation Job | CONTROL NAME TECHNOLOGY ASSET NAME POLICY EVALUATION 


Create Alert 


Add Exception 


Failed 
Mar 21, 2018 


Failed 
Jun 02, 2017 


Failed 
Jun 12, 2018 


1430 


1040 


2200 


Status of the 'Terminal Services' service Windows XAVIERHQ39WIN Jun 02, 2018 
2008 Server 10.10.31.30 

Status of the 'Terminal Services' service Windows 7 SFO03HQLP79 Mar 21, 2018 
10.10.35.242 

Status of the 'Set time limit for active Remote Desktop Windows 10 SFOO4HQLP713 May 03, 2018 

Services sessions' setting 10.10,35.241 

Current list of Groups and User Accounts granted the Windows DCO3SJC1SQLDB Oct 22, 2018 

‘Deny logon through terminal (Remote Desktop)... 2008 Server 10.10.31.129 
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Network Devices, Printers and sensitive 
hosts can't be Scanned but are in 
Security & Compliance Scope 

Use Qualys Out-of-Band Config Assessment (OCA) 


- Create custom assets ———————,——,!!"!!!-—— ——— 
- Push command output, ve тө 


vulnerability, config data 


Detailed Results 
154.36.214.3 (hp-in01-prn02, HP-INO1-PRNO2) irs 
7 HPFutureSmart 4 A Collapse All [DNE 12 2 
Tracking Method: OCA Controls: 12 
Last Scan Date: 09/05/2019 at 11 12.12 (GMT+0530) 12 (100%) 
Qualys Host ID 9192ca4-fibf-454c-82fa-8c3 1003521 0 


Failed 


Controls validate settings 


HP FutureSmart 4.x 
Gr . 1. System Configurat 
Report vulnerabilities, security 
. А . > (1.1) 1116 Stal ile Transfer Protocol (FTP) service 
and misconfigurations Hop ad 
(1.3) 10270 St NMP community 
(1.4) 12413 St ‘AppleTalk’ protocol 
(1.5) 13857 St 'sion of firmware stor: 
(1.6) 14039 5 Р configurati 


Policy Compliance 


Best in class technology and content coverage 
For Configuration Management 


>450 Policies, >14,000 controls 

>150 technologies (traditional, emerging) 

> Widest coverage for CIS, STIG, Mandates and beyond 
> Qualys security experts author CIS benchmarks 


Data collection from all Qualys sensors 
Custom database security & integrity controls 


Auto-discovery of middleware technologies 


File, Directory Integrity, Network Shares 
Monitoring 


Auto-remediation for configuration failures 


New PC Ul and 
Customizable 
э aloTors]a9 


Policy Compliance Roadmap 


QA - 2018 : 202001 
Faster PC agent data processing : New PC UI, customizable dashboards 
File Content search for Windows : Dynamic, real-time compliance against policies, mandates 
(Search sensitive content) : Integration of PC/config data with Asset Inventory 
Auto-discovery for database З Gold policies to fix configuration Issue ‘upfront’ 
technologies : Ticketing integration with JIRA, ServiceNOW 


2020 Q2 
Configuration assessment for RDS 
Automated alerting for compliance, config failures 
Support for executing scripts/commands for custom apps 
PC agent support for web server technologies 
Compliance trending 
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Your security is only as strong as 
your weakest vendor 


Q u a lys S e с u r | су Аѕ 5 е S S m e n t ne DASHBOARD CAMPAIGNS REPORTS TEMPLATES USERS 
Questionnaire (SAQ) helps in Dashboard ~ 
in managing vendor risk per ЧИГ 


vendor criticality 


With SAQ, consolidate your ene ai 
vendor security and process ERTS uU SAGE кысын 58. 
compliance with technical e eS ATT O = 
security posture on the same RM LS AR 


IT Assets Management 


platform 


Total 


File Integrity 
Monitoring (FIM) 


Qualys FIM: In just Second Year, 


customers 


Built on the same Qualys Cloud Agent 
you use for VM, PC 


Real-time detection for high volume, 
high scale 


Automated incident management and 
alerting 


Out of the box PCI monitoring profiles 
for OS and applications 


No infrastructure, data load for you to 
manage 


190+ 
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Alert and Incident Management for 
Authorized vs Unauthorized Changes 
During Patching with Qualys FIM 
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File Integrity Monitoring DASHBOARD EVENTS RULES INCIDENTS REPORTS ASSETS CONFIGURATION 


pe 
© 
K 


Activity Rule Manager Actions 


Last 30Days v 


ruleName: Unauthorized Windows Patching Activity” or ruleName: "Authorized Windows Patching A 


3 ctivity” 


Total Activities 


14 Oct 16 Oct 18 Oct 20 Oct 22 Oct 24 Oct 26 Oct 28 Oct 30 Oct 1 Nov 3 Nov 5 Nov 7 Nov 9 Nov 11 Nov 13 Nov 15 Nov 

RULE NAME 1-3of 3 
Unauthorized Wi 2 
Authorized Wind 1 

Authorized Windows Patching Acti... Success Yes Windows Patch Activity... 1 Aparna Hinge 
ACTION NAME Authorized Windows Patching Activity " 

29 minutes ago 

Windows Patch ... 3 

Unauthorized Windows Patching A... Success Yes Windows Patch Activity... 1 Aparna Hinge 
EMAIL RECIPIENTS Unauthorized Windows Patching Activity 29 minutes ago 


ljhamb@qualys.c.. > " " 
: Я d Unauthorized Windows Patching A... Success Yes Windows Patch Activity.. 1 Aparna Hinge 


akau ualys.co. 
This Rule lists down all the events which 
A 2 hours ago 
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Open APIs: Integrate with Any 
External SIEM, DWH 


FIM DASHBOARD can || Epon ~ 


Select tme range (Default 30 Days) 


TOTAL CHANGES EVENTS BY SEVERITY 


9992  - 


CTION 


ШЕ Attributes W Create ll Delete ecurity MB Arribures Ml Create Ш Delete 
TOP CHANGES BY USER TOP CHANGES BY PROCESS 
egwin-PC\egwin NT AUTHORITY\LOCAL SERVICE ther (25 
AvastSvc e 
I-WNTX64U- 19: Administrator NT AUTHORIT 


s Agent exe 


үт AUTHORITY SYSTEM Qualy 


CHANGES BY OS PLATFORM CHANGES BY TYPE CHANGES BY CATEGORY CHANGES BY PROFILE 


НРАА aman minson 
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Qualys FIM gives context of changes in cloud 
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< Asset Details : i-076e2369b896dfe3e 


” INVENTORY 
Asset Summary 


File Integrity Monitoring 


System Information 


Finak nianon Cloud Agent FIM Events Ez мее | 


Open Ports 
Traffic Summary 
Cloud Information UNAUTHORIZED EVENTS ON $3 BUCKET FROM INSTANCE (INSTANCE ID; 
Y SECURITY 
Vulnerabilities Total Events 
Threat Protection 5.0K 
Patch Management 
Bl Authorized 4584 
Indication of Compromise 
Bl Unauthorized 498 
Certificates 
Secure Access Control 
SOAR 
Y COMPLIANCE 
Policy Compliance 
File Integrity Monitoring ТИЕ TARGE ACTION SEVERITY 
an hour ago bucketauditreports/ PutBucketPolicy InstanceProfile/i-07f6. Acces A EAAS 
2:08:18 PM 63 215182/us-west assumed-role 
Y SENSORS 
Agent Summary an hour ago bucketauditreports/t... GetObject InstanceProfile/i-07f6. Acces A к 
Connector Summary олар i 82/us-wes assumed-role 
Passive Sensor an hour ago bucketauditreports/ec2... DeleteObject InstanceProfile/i-07f6. Unauthor À ШШ 
Alert Notifications аа ———À 
an hour ago bucketauditreports/RDS... DeleteObject InstanceProfile/i-07f6. Unauthor A ЕЕЕ 
ниш 


an hour ago bucketauditreports/tom... DeleteObject InstanceProfile/i-07f6. Unauthor À 


FIM Demo 


FIM Roadmap 


QA - 2019 
Process, user and time-period 
inclusions and exclusions for event 
data collection 


2020 Q1 


Windows Registry monitoring for changes 
Injection of PC FIM UDC data to FIM 
FIM for cloud storage (S3 bucket content monitoring) – cloud-trail 
integration 


| : r reporting 


Q4 - 2019 : 2020 Q2 
: Monitoring for file content changes/text changes 
FIM hosts health and status: %of — : External integration with JIRA, ServiceNOW 
hosts with latest data, stale hosts with | Monitoring profiles — import/exports 
no changes, hosts without a FIM. : Patch Reconciliation: Integration with Qualys Patch 
monitoring profile : Management for managing changes due to patching 
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1-15 Software as a Service (SaaS) |- | > | 
/ > + + Security & Compliance . · . · |->; 


Even Cloud is bloated; Need just SaaS 
Applications 


HR gets the cloud treatment 


Public cloud spending skyrockets as SaaS shines Lon . : 
SIDG Workday Rises on Demand for Business 
IDC: Cloud spending to grow 21% Cloud-Based Software 
V UN a 
һу 2021 workday. Namely 
, Spending On CRM Apps Predicted To Soar In 
О Office365 box $$ © эз | 
COMPUTERWORLD 
Microsoft, Google Make Cloud Offerings More Enticing 
since ANA 


CWEEK 
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Manage Access, Exposure, Configuration and 
Compliance of SaaS Applications 


CloudView 


Qualys SaaS Security and RUNE 
Compliance (SSC) enables © 


DOCUMENTS APPLICATIONS AT RISK DOCUMENT TYPES 


Inventor a ro SENE 
14432 20 13693 


A | Y 
Access es С TEE м: = 
8 Anyonewithlink 88 folder 473 
E 
Exposure = ШЕ 


Security Configurations 


USERS EXTERNAL USERS WITH MOST ACCESS INTERNAL USERS WITH MOST EXPOSURE 


of SaaS applications and resources |» æ Ц „н> + ae xm 
E.g. Office365, Gsuite, Salesforce 


ethabarAnualve nam 16 daanak Mardua in 


Discover Sensitive data and make Sure it is secure 


and monitored for changes with Qualys DAG 


Qualys Data Access 
Governance (DAG) will help 
with regulatory compliance 


Discovery 


Access Visibility 
Activity Monitoring 


For your sensitive, critical data 
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< Asset Details : docuvault01.prod 


v INVENTORY 
Asset Summary 
System Information 
Network Information 
Open Ports 


Traffic Summary 


+ 


SECURITY 

Vulnerabilities 

Threat Protection 

Patch Management 
Indication of Compromise 
Certificates 

Secure Access Control 


SOAR 


v COMPLIANCE 
Data Access Governance 
File Integrity Monitoring 


Policy Compliance 


v SENSORS 
Agent Summary 
Connector Summary. 
Passive Sensor 


Alert Notifications 


Data Access Governance 


SENSITIVE FILES 


FILE NAME 


EmployeeRecords.mdb 
C:\Users\04961-a\Doc 


VulnerabilityReport_Q42019.csv 


C:\ProgramData\Microsoft He. 


Employee_PAN_details_Dec... 


C:\Users\04961-a \Documents. 


intraappTrans.logs 
CAUsersV04961-a \Documents. 


ACCESS CONTROL CHECKS (PC) 


Total 
P 20 view 


Wi Failed 
DATA LABELS OCCURANCE 
[eu [corn [cca 398 
[Ра [ vunneporis 1589 
[ect [ри [corr 257 
[ccr^ 
[Ра 3 


FILES ACCESSED IN LAST 48 HRS 


Total 
£p Амен 


Bl Recently Access.. 1 


FILE CRITICALITY LAST DISCOVERED ON 


5 days ago 
12:08:18 PM 
[High | 5 days ago 
12:08:18 PM 
5 days ago 
12:08:18 PM 
5 days ago 
12:08:18 PM 


Cloud Applications Qualys Cloud Platform 


Directory / Metadata / access / classification Unstructured Data Discove ry 


Adya/CV/CloudTrail 


salesforce 


г? M NA 
4S7 7 | Visibility in ITAM - Know Assets hold 
ор sensitive data 
Ne 
o 4 
А 
Ka" Secure through PC - Create 
\ 2 permission/share/access controls to 
04 check their access 
Se 
4 ч 
4 Compliance 


GDPR / CCA / HIPAA/ etc 


Desktop 


Monitor them through FIM 


On Premise Unstructured Data 
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Thank You 


Compliance Team and Shailesh Athalye 
sathalye@qualys.com 


